BUSINESS WEEK – January 31, 2010 – The
networking industry is stuck in the 1990s, the last time there was a
fundamental shift in commonly deployed network architectures. While
servers and applications have gone virtual, migrating into cloud
computing environments, networking technologies remain bound to
physical hardware and data center racks, creating potential gaps in
support or security in virtualized environments. As server virtualization
moves into the enterprise and cloud data centers, networking needs to
follow with virtual appliances.

Server virtualization uses virtual machines (VMs) to segment a
single physical computer server into multiple logical virtual servers.
In many environments, collapsing multiple overpowered physical servers
onto a single server running multiple VMs can reap significant economic
rewards. A single server consumes less power, takes up less space, may
be easier to manage, and allows for the dynamic creation and removal of
VMs on demand.

VMs can be used inside an enterprise IT department or on public
clouds, such as Amazon's EC2. They can move from one physical or
geographical location to another using a variety of tools and
technologies, such as RightScale's Cloud Management Platform or
VMware's VMotion. Unfortunately, when a VM moves from one location to
another, it becomes dependent on the networking infrastructure of the
physical appliances attached to the new location.

Moving Toward Virtualization

For the past decade of networking, the basic infrastructure setup
consisted of applications running on servers that were then segmented
by switches into virtual local area networks. Those switches then
connected to routers and a potential plethora of appliances, depending
on the application needs—physical devices such as load balancers,
firewalls, unified threat management devices, Secure Sockets Layer (SSL)
accelerators, virtual private network (VPN) concentrators, intrusion
detection systems (IDS), data loss prevention devices, and so on.

To be sure, some networking devices and appliances are now available
in virtual form. Switches and routers have begun to move toward
virtualization with VMware's
vSwitch, Cisco's
Nexus 1000v, the open-source Open
vSwitch, and routers and firewalls running in various VMs from the
company I helped found, Vyatta.
For load balancers, Citrix has released a version of its NetScaler
VPX software that runs on top of its virtual machine, XenServer;
and Zeus Systems has an application
traffic controller that can be deployed as a virtual appliance on
Amazon EC2, Joyent, and other public clouds.

Stuck in Physical Hardware

Yet the fundamental problem remains: Most networking appliances are
still stuck in physical hardware—hardware that may or may not be
deployed where the applications need them, which means those
applications and their associated VMs can be left with major gaps in
their infrastructure needs. Without a full-featured and stateful
firewall to protect it, an application is susceptible to various
Internet attacks. Without a load balancer that operates at layers three
through seven, there is nothing to distribute load between
multiple application servers. Meanwhile, the lack of an SSL accelerator
to off-load processing may lead to performance issues, and without an
IDS device present, malicious activity may occur undetected. Without
some (or all) of these networking appliances available in a virtual
environment, a VM may find itself constrained, unable to take full
advantage of the possible economic benefits.

Cisco (CSCO),
the networking giant, has articulated a multiphase plan toward virtual
application deployment and network appliances in its Datacenter
3.0 architecture. The company does not, however, offer any
specifics as to its timelines for full network virtualization, so it
remains to be seen if the industry will wait for the market leader or
move to realize the benefits of virtual appliances for networking all
on its own.

Such timing is key, in my mind. The networking industry is clearly
moving toward virtual appliances; the faster it gets there, the faster
applications in the cloud, public or private, will be able to benefit
from the same networking infrastructure they currently enjoy in the
physical world. At that point, networking architectures will change to
a degree we've not seen in well over a decade.